a9ac95b6ce682fb96f8c044145230e7a012a9a83f8c80c2f567b3f39c597bbc5

Sharing

Copy URL Twitter E-mail

General

Target

a9ac95b6ce682fb96f8c044145230e7a012a9a83f8c80c2f567b3f39c597bbc5
Size

701KB
MD5

4be45d71ab7549eb5eb44327d3ec5085
SHA1

e07a15cce91aef02e3c0152f9479b1c55698956f
SHA256

a9ac95b6ce682fb96f8c044145230e7a012a9a83f8c80c2f567b3f39c597bbc5
SHA512

774e85ea33deef6562633d971de21d5161ba9d1e5e665900bc1a8911bf74934421f84b8defaea1adfd3a7c9b4df723f0cc1642dac1d56c4f20d34b3795dee1dd
SSDEEP

12288:zhAgknl/q/Tw1XJzlDy277Lhemyf8MM+ed0r1p7S1Na5ep:+gElTXJzlyqVLMM+g0GTWep

Score

N/A

Malware Config

Signatures

Files

a9ac95b6ce682fb96f8c044145230e7a012a9a83f8c80c2f567b3f39c597bbc5
.dll regsvr32 windows x86

b55e631d226330d11124525572071411

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__mb_cur_max
mbtowc
_onexit
_lock
__dllonexit
_unlock
_adjust_fdiv
_amsg_exit
isleadbyte
_purecall
_iob
_snprintf
_itoa
ferror
wcstombs
__badioinfo
_initterm
free
malloc
_XcptFilter
_vsnwprintf
_errno
__pioinfo
_fileno
_lseeki64
_write
_isatty
memcpy
fprintf
fclose
fflush
asctime
localtime
_CIsqrt
_wfopen
time
fseek
fscanf
_CIexp
_CIlog
ceil
printf
_wremove
srand
fopen
_CIlog10
rand
exit
ftell
feof
puts
memset

mfplat

MFHeapFree
MFHeapAlloc

kernel32

WaitForMultipleObjects
ReleaseSemaphore
SignalObjectAndWait
GetLocalTime
DelayLoadFailureHook
InterlockedExchangeAdd
GetProcessAffinityMask
SetThreadAffinityMask
CreateEventW
GetCurrentThread
GetThreadPriority
CreateThread
SetThreadPriority
ResetEvent
SetEvent
WaitForSingleObject
CloseHandle
GetSystemInfo
GetTempPathW
SetLastError
GetTempFileNameW
GetEnvironmentVariableW
CreateSemaphoreW
GetComputerNameA
GetVersion
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
RtlUnwind
OutputDebugStringA
Sleep
InterlockedExchange
GetModuleFileNameA
InterlockedIncrement
InterlockedCompareExchange
FreeLibrary
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
MulDiv
SetEnvironmentVariableW
GetProcAddress
LoadLibraryA
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceCounter

ole32

CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantInit
SysFreeString
SysAllocString

advapi32

GetTraceLoggerHandle
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegCreateKeyExW
RegOpenKeyW
RegQueryValueExW
RegisterTraceGuidsW
TraceEvent
GetTraceEnableFlags
GetTraceEnableLevel
UnregisterTraceGuids
RegSetValueA
RegSetValueExA

msdmo

MoFreeMediaType
MoDuplicateMediaType
MoDeleteMediaType
DMORegister
DMOUnregister
MoCopyMediaType
MoInitMediaType

Exports

Exports

CreateInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 505KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b55e631d226330d11124525572071411

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

mfplat

kernel32

ole32

oleaut32

advapi32

msdmo

Exports

Exports

Sections

.text Size: 505KB - Virtual size: 505KB

.data Size: 116KB - Virtual size: 388KB

.rsrc Size: 61KB - Virtual size: 61KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 505KB - Virtual size: 505KB

.data
Size: 116KB - Virtual size: 388KB

.rsrc
Size: 61KB - Virtual size: 61KB

.reloc
Size: 17KB - Virtual size: 17KB